Dell ThinOS 10 Improper Access Control (before 2602_10.0765): CVE-2026-40713 June 2026

Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure.

Vulnerability Analysis

CVE-2026-40713 can be exploited with physical access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Attack Vector:

PHYSICAL

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

NONE

Weakness Type

What is an Authorization Vulnerability?

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2026-40713 has been classified to as an Authorization vulnerability or weakness.

Dell ThinOS 10 Improper Access Control (before 2602_10.0765)
CVE-2026-40713 Published on June 2, 2026

Vulnerability Analysis

Weakness Type

What is an Authorization Vulnerability?

Affected Versions

Dell ThinOS 10 Improper Access Control (before 2602_10.0765)CVE-2026-40713 Published on June 2, 2026

Vulnerability Analysis

Weakness Type

What is an Authorization Vulnerability?

Affected Versions

Dell ThinOS 10 Improper Access Control (before 2602_10.0765)
CVE-2026-40713 Published on June 2, 2026